In a deliciously ironic turn, the dark web hacking forum Nulled.io has had its user database stolen and published for all to see.
Nulled is a forum where hackers exchange stolen credit card and identity details, malware-creation kits, and cracks to common software platforms. Unnamed hackers have broken into the site's database and published a 9.45GB SQL file named db.sql showing the emails, location data, and activities of those who logged on.
"Considering this forum promotes the sharing of these activities, it makes this breach quite ironic. Nulled.IO was running the IP.Board community forum commonly known as IP.b or IPb. It appears that the forum was also running an IP.Nexus Setup for its market place as well as VIP forums among a few other IPb plugins," said RiskBased Security.
"While we do not have confirmation as to how this breach occurred at this point, there have been over 4,500 vulnerabilities to date in 2016, and with 185 total vulnerabilities in IP.Board (92 of them do not have a CVE by the way!) it is not hard to make a guess!"
Law enforcement officers will, no doubt, be poring through the database with interest. It seems geolocation data for 907,162 posts is included in the hacking trawl, which could lead to convictions down the line.
Interestingly, there are 20 .gov email accounts listed in the database, indicating that state-sponsored hacking teams were active on the site, including those from the United States, Philippines, Brazil, Turkey and others.
It also seems that Google is a popular choice for throwaway accounts, since 515,998 Gmail accounts are registered at the site. Hotmail was the next most-popular option, with 150,210 accounts.
The identity of the crew that took down Nulled's database isn't known, but it's not beyond the bounds of possibility that state-sponsored hackers are taking a more aggressive approach to exposing online criminal forums. ®